HiddenWall - Linux Kernel Module Generator For Custom Rules With Netfilter (Block Ports, Hidden Mode, Rootkit Functions, Etc)
HiddenWall is a Linux kernel module generator for custom rules with netfilter (block ports, hidden mode, rootkit functions, etc.). The motivation: in a bad situation, an attacker can bring down your iptables/ufw... but if you have HiddenWall, the attacker will not find the hidden kernel module that blocks external access, because it has a hook into netfilter in kernel land (think of it as a second layer for the firewall).
My first purpose for this project was to protect my personal server; now it is to protect the machines of my friends. When I say "friends", I mean people who don't know how to write low-level code. Using HiddenWall you can generate your custom kernel module for your firewall configuration.
The low-level programmer can write new templates for modules, etc.
First step, understand before run
Verify that the kernel version is 3.x, 4.x or 5.x:
uname -r
Clone the repository
git clone https://github.com/CoolerVoid/HiddenWall
Enter the folder
cd HiddenWall/module_generator
Edit your firewall rules in the file rules/server.yaml; the Python scripts use that file to generate a new firewall module.
$ cat rules/server.yaml
module_name: SandWall
public_ports: 80,443,53
unhide_key: AbraKadabra
hide_key: Shazam
fake_device_name: usb14
liberate_in_2_out: True
whitelist:
- machine:
   ip: 192.168.100.181
   open_ports: 22,21
- machine:
   ip: 192.168.100.22
   open_ports: 22
If you want to study the static code used for generation, look at the content of the directory "templates".
Second step, generate your module
If you want to generate a kernel module following your YAML rules file, run this command:
$ python3 WallGen.py --template template/hiddenwall.c -r rules/server.yaml
This generates a generic module with the rules of server.yaml. If you want to use another template you can use "wall.c"; the template module "hiddenwall" has the option to run in hidden mode (it is not visible to "# lsmod", for example).
Third step, install your module
To test the module:
# cd output; make clean; make
# insmod SandWall.ko
The rule of the YAML used to generate the module is simple: drop all outside-to-inside packets, accept ports 80, 443 and 53. The machine 192*.181 can connect to ports 22 and 21... If you use nmap on localhost/127.0.0.1 you can see the ports open, because the rule liberate_in_2_out is true.
The password to turn the firewall visible is "AbraKadabra".
The password to turn the firewall invisible is "Shazam".
You need to send the password to your fake device "usb14".
To exit the module, you need to turn it visible to the "lsmod" command...
# echo "AbraKadabra" > /dev/usb14
# lsmod | grep SandWall
# rmmod SandWall
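A pre-generation check for the rules file and a model of the inbound policy described above, as an added example that is not part of the HiddenWall project. The dict is a constructed copy of rules/server.yaml as a YAML loader would return it, the function names are hypothetical, and liberate_in_2_out and the kernel-side matching are not modelled.

```python
import ipaddress

# Constructed sample: rules/server.yaml from this page, as a YAML loader would return it.
RULES = {
    "module_name": "SandWall", "public_ports": "80,443,53",
    "unhide_key": "AbraKadabra", "hide_key": "Shazam",
    "fake_device_name": "usb14", "liberate_in_2_out": True,
    "whitelist": [
        {"machine": {"ip": "192.168.100.181", "open_ports": "22,21"}},
        {"machine": {"ip": "192.168.100.22", "open_ports": 22}},  # lone port loads as int
    ],
}
DOCUMENTED_KEYS = {"AbraKadabra", "Shazam"}  # published in the README, so not secret

def parse_ports(value):
    """Accept '80,443,53' or a bare int; reject non-numeric or out-of-range ports."""
    ports = set()
    for item in str(value).split(","):
        port = int(item.strip())  # raises ValueError on junk such as 'ssh' or ''
        if not 1 <= port <= 65535:
            raise ValueError(f"port out of range: {port}")
        ports.add(port)
    return ports

def lint(rules):
    """Return a list of problems; an empty list means nothing was flagged."""
    problems = []
    for name in ("unhide_key", "hide_key"):
        if rules[name] in DOCUMENTED_KEYS:
            problems.append(f"{name} still uses the documented sample value")
    checks = [("public_ports", parse_ports, rules["public_ports"])]
    for entry in rules.get("whitelist", []):
        machine = entry["machine"]
        checks.append(("whitelist ip", ipaddress.IPv4Address, machine["ip"]))
        checks.append(("whitelist open_ports", parse_ports, machine["open_ports"]))
    for label, validator, value in checks:
        try:
            validator(value)
        except ValueError as exc:
            problems.append(f"{label}: {exc}")
    return problems

def inbound_allowed(rules, src_ip, dst_port):
    """Default drop; allow public ports for anyone, open_ports for the listed machine."""
    if dst_port in parse_ports(rules["public_ports"]):
        return True
    src = ipaddress.IPv4Address(src_ip)
    return any(src == ipaddress.IPv4Address(e["machine"]["ip"])
               and dst_port in parse_ports(e["machine"]["open_ports"])
               for e in rules.get("whitelist", []))
```

Running lint on the sample flags both keys, since anyone who has read the README knows them.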
Random notes
Tested on Ubuntu 16 and Fedora 29 with kernels "3.x", "4.x" and "5.x".
TODO
Support for IPv6.
Macro to select the interface (to use multiple modes for each interface).
Option to remove last logs when turning on hide mode.
Option to search for and remove other toolkits...
Code generator to BFP...
References
Wikipedia Netfilter https://en.wikipedia.org/wiki/Netfilter
Linux Device Drivers http://lwn.net/Kernel/LDD3/
M0nad's Diamorphine https://github.com/m0nad/Diamorphine/